PA state website attack traced to China

Chinese hackers are believed to have compromised several pages on the Pennsylvania state government website but were stopped before they could lift any sensitive data or spread malware.

The intruders gained access Friday to the webpages of four state agencies: the Education, Labor and Industry, Lottery and Military and Veterans Affairs departments, said Mia DeVane, a spokeswoman for the state Office of Administration.

The source of the attack was traced to a domain registered in China, she told SCMagazineUS.com today.

Allen Paller, director of research for the SANS Institute told SCMagazineUS.com today that Chinese hackers have moved beyond familiar government targets.

“The pattern we’re seeing is a spread beyond the Department of Defense and the defense industrial base,” he said today..

“Either it’s a different group, not the Chinese military, or they’ve come up with a reason why they want state data as well,” he said.

Friday’s attack prompted the state to shut down its website from about 9:30 a.m. to 5:30 p.m. EST, DeVane said, adding that she did not know the hackers’ motive.

“It’s not uncommon that folks try to get in with domains from China and Russian and Eastern Europe,” she said. “I do know there were several states that experienced the same situation (on Friday).”

Chinese hackers were widely blamed for cyberattacks on the Pentagon and State Department in 2006.

DeVane credited Pennsylvania’s strong security posture with being able to fend off the attacks. She said she did not have other information regarding the attacks on other states, which she declined to identify.

“We have all the latest and greatest virus and security protections in place,” she said. “That’s why we were able to catch it early.”